package com.staryy.activiti7_workflow.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class ActivitiSecurityConfig{

    @Autowired
    private LoginSuccessHandler loginSuccessHandler;

    @Autowired
    private LoginFailureHandler loginFailureHandler;

    @Bean
    SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        return http
                // 页面登录
                .formLogin()
                // 登录前的相关处理
                .loginProcessingUrl("/login")
                // 登录方法
                .loginPage("/login")
                // 登录成功处理
                .successHandler(loginSuccessHandler)
                // 登录失败处理
                .failureHandler(loginFailureHandler)
                .and()
                .authorizeRequests().anyRequest().permitAll()
                .and()
                .logout().permitAll()
                .and()
                .csrf().disable()
                .headers().frameOptions().disable()
                .and()
                .build();

    }

}
